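This page uses advanced large language model technology, and its output may contain inaccurate or outdated information. Shenlong strives to ensure data accuracy, but please verify and judge against the actual situation.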
| # | POC description | Source link | Shenlong link |
|---|---|---|---|

No public POC was found.

| CVE | CVSS | Title |
|---|---|---|
| CVE-2026-53838 | 9.8 CRITICAL | OpenClaw < 2026.5.27 - Node Pairing State Mutation via Reconnection |
| CVE-2026-53822 | 8.8 HIGH | OpenClaw < 2026.5.18 - Command Argument Modification via Shell Wrapper Between Approval an |
| CVE-2026-53836 | 8.8 HIGH | OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases |
| CVE-2026-53821 | 8.8 HIGH | OpenClaw < 2026.5.18 - Scope Elevation in trusted-proxy Control UI WebSocket |
| CVE-2026-53828 | 8.8 HIGH | OpenClaw < 2026.5.6 - Native Command Authorization Bypass via Owner-Command Enforcement |
| CVE-2026-53831 | 8.3 HIGH | OpenClaw < 2026.5.18 - Arbitrary File Read via Shell Expansion in system.run Safe-bin Allo |
| CVE-2026-53823 | 8.1 HIGH | OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom |
| CVE-2026-53829 | 8.0 HIGH | OpenClaw < 2026.5.18 - Command Truncation in Exec Approval Display |
| CVE-2026-53833 | 7.7 HIGH | QQBot for OpenClaw < 2026.4.29 - Authorization Bypass via QQBot Streaming Command |
| CVE-2026-53832 | 7.7 HIGH | OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration |
| CVE-2026-53834 | 7.5 HIGH | OpenClaw < 2026.4.27 - Authorization Bypass in QQBot Pre-dispatch Slash Commands |
| CVE-2026-53820 | 6.6 MEDIUM | OpenClaw < 2026.5.12 - Exec Denylist Bypass in Bundle MCP Loopback Session Spawn |
| CVE-2026-53825 | 6.5 MEDIUM | OpenClaw < 2026.4.7 - Arbitrary Local File Read via memory-wiki Ingest with operator.write |
| CVE-2026-53824 | 6.5 MEDIUM | Mattermost plugin for OpenClaw < 2026.4.24 - Slash Token Revocation Lag via Monitor Refres |
| CVE-2026-53827 | 6.5 MEDIUM | OpenClaw < 2026.5.2 - Credential Exposure via Model-Supplied Loopback URLs in message.acti |
| CVE-2026-53830 | 6.5 MEDIUM | OpenClaw < 2026.4.22 - Webhook Secret Revocation Bypass via secrets.reload |
| CVE-2026-53839 | 6.5 MEDIUM | OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Trusted Retry Endpoint Validation |
| CVE-2026-53826 | 4.3 MEDIUM | OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed Session Spawn |
| CVE-2026-53837 | 3.7 LOW | OpenClaw < 2026.5.6 - Missing Channel Type Validation in Mattermost Event Handlers |